gnu-arch-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE

From: Tom Lord
Subject: Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE
Date: Tue, 20 Jan 2004 19:05:08 -0800 (PST) 


    > From: James Blackwell <address@hidden>

    > Think you could do something like this?  (slightly reformatted for mail)

    > int
    > verify_checksum ( t_uchar * checksum_file )
    >   {
    [....]


If you mean within tla, no -- although it seems a trivially simple
solution it is not one I'd like to use.

Currently, the signing mechanism in tla is signing-regimen-agnostic.
You don't have to use gpg (or any other pgp work-similar).   You could
cons up something with any crypto tool you like.

The problem is that gpg can sign a file, producing a .asc file output
-- but I don't see any mechanism by which I can ask gpg "Hey, is this
file the .asc file you made?"  In particular, I can insert "junk"
before or after the gpg signature block and gpg just happily ignores
it.

Saying it again:  given:

        gpg --clearsign foo > foo.signed

I want to ask gpg (or some trivial script involving gpg): "is
foo.signed _exactly_ the output of gpg --clearsign foo?"

Would seem a simple and obvious functionality to want until you
realize that gpg doesn't make it easy.

-t
reply via email to
[Prev in Thread] Current Thread [Next in Thread]